Trusted by 7 of the Largest Financial FirmsTrusted by 4 of the Top Telco ProvidersTrusted by 8 of the Largest RetailersTrusted by 6 of the Leading Global Tech CompaniesTrusted by 7 of the Leading Travel & Transportation Groups

Resources

Get to know us better! Gain valuable insights into how we think by visiting our blog, or take a look at the industry events we're frequenting on our events page. You can also geek out with us by attending one of our security management webinars, or dive head first into the products and solutions we provide in our Resource Library. There's lots to keep you busy!

Events

Webinars

Traditional security models are all about the current state – but in the current state of cyber-security, by the time new rules are written, they’re obsolete. Resources have changed, topologies have shifted, traffic has evolved, and applications grew new arms and legs.

Most organizations that I talk to still have their networks designed for 90's era attacks. A hard perimeter and little to nothing on the inside. The one common exception is the part of the network that processes credit card data since PCI DSS specifically identifies the Cardholder Data Network (CDN) and requires controls around it.

Join David Monahan, managing research director at leading IT analyst firm Enterprise Management Associates (EMA), and discover the difference between organizations using an SPOA solution to manage their firewall environments versus those not using one of these solutions.

From the ransomware attacks and sophisticated malware threats of late to simple user configuration error, security practitioners need to be able to see the full picture of where the weaknesses lie in their network infrastructures. FireMon Risk Analyzer was developed for large enterprises and federal agencies in response to the overwhelming number of vulnerabilities on the network at any given time that could be exploited to reach business-critical assets.

To achieve best-in-class risk and vulnerability management, Risk Analyzer overlays vulnerability data from leading scanner technologies on network security configurations collected with the FireMon Security Manager platform to identify exploitable hosts. With this analysis, the application is able to:

Provide a vulnerability score ranked by severity and business risk impact

Score firewalls by the level of risk they expose

Trend risk over time to understand the impact of their remediation efforts on security posture over time

Reduce the time it takes to identify attack paths to vulnerable systems by 90%

Ultimately reduce risk by 35%

Decrease response time to protect assets by 50%

In a recent report from Gartner, When You Can’t Patch It, Protect It From the Network (Nov 2016), by Claudio Neiva, Adam Hils and Prateek Bhajanka, the analyst firm states: “Most organizations face a series of challenges to keep all systems patched, and need to plan on alternative measures to reduce the risk of vulnerabilities being exploited when security patches cannot be installed in a timely manner.” FireMon agrees that security and risk management leaders need to broaden their threat and vulnerability management strategies to apply alternate risk mitigation measures to critical systems and applications that cannot be patched.

“Effectively, cyber attacks today start inside the network via spear phishing or other means. Many network teams have undertaken segmentation as a way to limit accessibility of data from those potential scenarios. However, that is only effective if the implemented policies correctly control access. Determining which systems are vulnerable and accessible through the segmented network is now a critical exercise,” said Matt Dean, Vice President of Product Management for FireMon.

With the continued impact of more sophisticated cybersecurity attacks, enterprise and government security leaders are looking for new technology to help them identify where in their complex network infrastructure attacks would succeed. FireMon’s second-generation Risk Analyzer product combines data from disparate systems in a new powerful way that makes eliminating attack vectors easier and more effective.

“We hear all the time from customers and potential customers the value of being able to assess risks before they become real nightmares for the organization,” explained Dean. “CISOs want to quickly identify the weakest points in the network and remediate them appropriately in accordance with business priorities. For example, if it is a retail organization, then any attack threatening payment card data will be scored the highest and given immediate priority.”

With the technology, available only from FireMon, users can view a map of possible vulnerable paths attackers might use to move across the network layout and see how each asset is exposed or accessible to an attacker.

From there, they can calculate how easy it would be for an attacker to reach the network through different network hosts and internet-facing segments to assess the potential damage, score attack simulations for risk impact and re-score once improvements have been made. Crucially, Risk Analyzer allows for patching systems virtually with the ability to re-run a complete analysis in seconds and compare various patch scenarios to ensure the safest impact is achieved.

About FireMon

FireMon is the No.1 provider of Intelligent Security Management solutions worldwide, combining advanced benchmarking, simulation, and analysis to deliver next generation security intelligence. Since creating the first-ever network security management solution 15 years ago, FireMon solutions have continued to deliver visibility into and control over complex network security infrastructure, policies, and risk to over 1,500 customers around the world.

Using the FireMon Intelligent Security Management platform, today’s leading enterprise organizations, government agencies, and managed security providers have dramatically improved effectiveness of network defenses, accelerating business agility and optimizing return on investment. For more information or a free 30-day trial, visit www.firemon.com.

Using Security Policy And Automation (SPOA) Tools To Reduce The Attack Surface

Attack surfaces have expanded greatly in the past several years, in part because of the amount of new applications coming online via Internet of Things and increasingly connected technology. Organizations have an admittedly tough time keeping up with all the new touchpoints and the rapid expansion of the attack surface. Complete defense is nearly impossible, and many companies struggle with visibility issues, mismatched or misaligned firewall policies, and an inability to comprehensively test the security configurations they do have

Cloud technology gives enterprises faster application deployment, instant storage, workload versatility and pricing models that decrease initial capital investment. It is no wonder enterprises are making the move to the cloud.

Migrations run the risk of cost overrun, delays and disruption of network service - often due to a lack of personnel and process to efficiently and effectively manage. To ensure a successful migration, consider these four key factors: 1) identifying and removing technical mistakes, 2) removing unused access, 3) refining and organizing what remains and 4) continuous, real-time monitoring.

Network Security Policy Management (NSPM) continues to be a difficult practice for organizations the world over. In the last 20 years, network security policies (e.g. firewall rules) have grown by more than 3,500%. Yes, you read that number correctly. Why is that?

Gartner research has uncovered a number of security policy challenges for enterprises. Among these challenges are the typical assessments necessary to fortify policy for compliance and improved security posture.

Welcome to the world of overflowing regulations and compliance standards, of evolving infrastructure and the ever-present breach. It's a world where 72% of security and compliance personnel say their jobs are more difficult today than just two years ago.

Firewall technology has come a long way since its initial, most rudimentary forms. Next-Generation Firewalls (NGFW) are the latest development, and organizations are accelerating adoption to the new technology. But NGFWs aren’t a fix-all solution.

Forrester’s Zero Trust Model of information security helps teams develop robust prevention, detection and incident response capabilities to protect their company's vital digital business ecosystem. This report will help security pros understand the technologies best suited to empowering and extending their Zero Trust initiatives and will detail how Forrester sees this model and framework growing and evolving.

The customer sought a data analysis tool to correlate application data with network and security data to spot service-impacting anomalies. They did not have an accurate picture of interoperability between applications and the underlying infrastructure.

This national insurance provider had three problems to tackle regarding their firewall policies. First, the number of rules under management was overwhelming staff and processes. They needed to increase visibility and effectiveness of their firewall change request/workflow ticketing process. And they also need help maintaining compliance PCI DSS requirements.

Each time this Global MSP engaged a new customer, they had to onboard the firewalls – sometimes hundreds per engagement – into their network. Part of the onboarding process required assessing the policies against internal best practices – a manual, line-by-line process that took an average of 16 hours/firewall and was extremely error-prone.